This post focuses on how you can bypass the HANA logon or make an anonymous call for accessing an XSJS service. I would also share the challenge I faced when a XS app was wrapped as an Android app. How to create an Android PhoneGap plugin for UI5 Mobile
We might come across a situation where we need to bypass the default Form/Basic authentication. In my case, after wrapping the XS App into an .apk I couldn't navigate to any of my XSJS services unless I logged in with the usual HANA logon authentication. SQLCC helps by enabling us to configure the connection to the database, we can also use specific config for your individual SQL Connections. Below are the steps to achieve this.
Roles you would require:
- sap.hana.xs.admin.roles::SQLCCViewer
- sap.hana.xs.admin.roles::SQLCCAdministrator
The first step would be to create an .xssqlcc file in your XS project or using New -> Other -> Application Development -> SQL Configuration File
{
“description” : “Test SQL connection”
}
Activating this would create an entry in "_SYS_XS"."SQL_CONNECTIONS". Note that the USERNAME needs to be updated.
- Update the USERNAME using the below URL
http://hostname:port/sap/hana/xs/sqlcc
After Update :
- You can manage the security for your package from the below link.
http://hostname:port/sap/hana/xs/admin/
Once the XSSQLCC is created, all you need to do is to use it in your application. We can do this in two ways :
1) Set the parameter in my .xsaccess file
{
"anonymous_connection": "SQLCC::testsqlcc",
"exposed" : true,
"authentication" : null
}
2) Passing the "SQLCC::testsqlcc" as parameter in my $.db.getConnection();
Note : SQLCC file and the XSJS service SHOULD be in the same package, so that service can access the SQL Connection Configuration file
Below is a simple snippet of a XS app that calls the SQLCC .
//Open a DB connection
var conn = $.db.getConnection("SQLCC::testsqlcc");
var oResult = [];
var sql = "SELECT CUST_ID,CUST_NAME FROM \"TEST\".\"CUSTOMER\"";
var pstmt = conn.prepareStatement(sql);
var rs = pstmt.executeQuery();
while(rs.next()){
oResult.push({
"ID" : rs.getString(1),
"Name" : rs.getString(1),
});
}
rs.close();
conn.close();
$.response.setBody(JSON.stringify(oResult));
Result:
And now I have a service which does not throw a Basic pop up/Form logon. This helped us in navigating to the required service from the XS app which was wrapped as Android App.
Another authentication which you could explore would be OAuth !
Hope this post was helpful !
Avinash Raju
SAP HANA Consultant